Forgot your password?
typodupeerror

Slashdot is powered by your submissions, so send in your scoop

Businesses

Comcast Allegedly Asking Customers to Stop Using Tor 371

Posted by samzenpus
from the no-tor-for-you dept.
An anonymous reader writes Comcast agents have reportedly contacted customers who use Tor and said their service can get terminated if they don't stop using Tor. According to Deep.Dot.Web, one of those calls included a Comcast customer service agent who allegedly called Tor an “illegal service.” The Comcast agent told the customer that such activity is against usage policies. The Comcast agent then allegedly told the customer: "Users who try to use anonymity, or cover themselves up on the internet, are usually doing things that aren’t so-to-speak legal. We have the right to terminate, fine, or suspend your account at anytime due to you violating the rules. Do you have any other questions? Thank you for contacting Comcast, have a great day." Update: 09/15 18:38 GMT by S : Comcast has responded, saying they have no policy against Tor and don't care if people use it.
Privacy

New Details About NSA's Exhaustive Search of Edward Snowden's Emails 185

Posted by samzenpus
from the taking-a-good-look dept.
An anonymous reader points out this Vice story with new information about the NSA's search of Edward Snowden's emails. Last year, the National Security Agency (NSA) reviewed all of Edward Snowden's available emails in addition to interviewing NSA employees and contractors in order to determine if he had ever raised concerns internally about the agency's vast surveillance programs. According to court documents the government filed in federal court September 12, NSA officials were unable to find any evidence Snowden ever had.

In a sworn declaration, David Sherman, the NSA's associate director for policy and records, said the agency launched a "comprehensive" investigation after journalists began to write about top-secret NSA spy programs upon obtaining documents Snowden leaked to them. The investigation included searches of any records where emails Snowden sent raising concerns about NSA programs "would be expected to be found within the agency." Sherman, who has worked for the NSA since 1985, is a "original classification authority," which means he can classify documents as "top-secret" and process, review, and redact records the agency releases in response to Freedom of Information Act (FOIA) requests.

In his declaration, Sherman detailed steps he said agency officials took to track down any emails Snowden wrote that contained evidence he'd raised concerns inside the agency. Sherman said the NSA searched sent, received, deleted emails from Snowden's account and emails "obtained by restoring back-up tapes." He noted that NSA officials reviewed written reports and notes from interviews with "NSA affiliates" with whom the agency spoke during its investigation.
United States

Treasure Map: NSA, GCHQ Work On Real-Time "Google Earth" Internet Observation 231

Posted by samzenpus
from the lets-see-what-you're-doing dept.
wabrandsma) writes with the latest accusations about NSA spying activity in Germany. According to top-secret documents from the NSA and the British agency GCHQ, the intelligence agencies are seeking to map the entire Internet
Furthermore, every single end device that is connected to the Internet somewhere in the world — every smartphone, tablet and computer — is to be made visible. Such a map doesn't just reveal one treasure. There are millions of them. The breathtaking mission is described in a Treasure Map presentation from the documents of the former intelligence service employee Edward Snowden which SPIEGEL has seen. It instructs analysts to "map the entire Internet — Any device, anywhere, all the time." Treasure Map allows for the creation of an "interactive map of the global Internet" in "near real-time," the document notes. Employees of the so-called "FiveEyes" intelligence agencies from Great Britain, Canada, Australia and New Zealand, which cooperate closely with the American agency NSA, can install and use the program on their own computers. One can imagine it as a kind of Google Earth for global data traffic, a bird's eye view of the planet's digital arteries.
United States

Navy Guilty of Illegally Broad Online Searches: Child Porn Conviction Overturned 266

Posted by samzenpus
from the looking-too-far dept.
An anonymous reader writes In a 2-1 decision, the 9th Circuit Court ruled that Navy investigators regularly run illegally broad online surveillance operations that cross the line of military enforcement and civilian law. The findings overturned the conviction of Michael Dreyer for distributing child pornography. The illegal material was found by NCIS agent Steve Logan searching for "any computers located in Washington state sharing known child pornography on the Gnutella file-sharing network." The ruling reads in part: "Agent Logan's search did not meet the required limitation. He surveyed the entire state of Washington for computers sharing child pornography. His initial search was not limited to United States military or government computers, and, as the government acknowledged, Agent Logan had no idea whether the computers searched belonged to someone with any "affiliation with the military at all." Instead, it was his "standard practice to monitor all computers in a geographic area," here, every computer in the state of Washington. The record here demonstrates that Agent Logan and other NCIS agents routinely carry out broad surveillance activities that violate the restrictions on military enforcement of civilian law. Agent Logan testified that it was his standard practice to "monitor any computer IP address within a specific geographic location," not just those "specific to US military only, or US government computers." He did not try to isolate military service members within a geographic area. He appeared to believe that these overly broad investigations were permissible, because he was a "U.S. federal agent" and so could investigate violations of either the Uniform Code of Military Justice or federal law."
United Kingdom

School Installs Biometric Fingerprint System For Cafeteria 226

Posted by samzenpus
from the paying-with-one-finger dept.
An anonymous reader writes with news about a school in England that has introduced a cashless cafeteria system that is raising some privacy concerns among some. Stourbridge students will soon be able to pay for their lunch without searching their pockets for change. Redhill School has spent £20,000 updating its dining facilities and introducing a cashless catering system. The system will allow parents to deposit funds into students catering accounts, to be debited by the pupil's biometric fingerprint scan at the point of sale. Headteacher Stephen Dunster said: "The benefits are that pupils are less likely to lose cash, parents know their children are using their dinner money to buy nutritious food and there will also be a system to alert staff if students are purchasing food that they may be allergic to."
Government

NSA Metadata Collection Gets 90-Day Extension 72

Posted by Soulskill
from the you-can-trust-us-for-90-more-days dept.
schwit1 sends word that the Foreign Intelligence Surveillance Court has authorized a 90-day extension to the NSA's ability to collect bulk metadata about U.S. citizens' phone calls. In April, the House of Representatives passed a bill to limit the NSA's collection of metadata, but the Senate has been working on their version of the bill since then without yet voting on it. Because of this, and the alleged importance of continuing intelligence operations, the government sought a 90-day reauthorization of the current program. The court agreed. Senator Patrick Leahy said this clearly demonstrates the need to get this legislation passed. "We cannot wait any longer, and we cannot defer action on this important issue until the next Congress. This announcement underscores, once again, that it is time for Congress to enact meaningful reforms to protect individual privacy.
Privacy

Justice Sotomayor Warns Against Tech-Enabled "Orwellian" World 159

Posted by Soulskill
from the trading-privacy-for-convenience dept.
An anonymous reader writes: U.S. Supreme Court Justice Sonia Sotomayor spoke on Thursday to faculty and students at the University of Oklahoma City about the privacy perils brought on by modern technology. She warned that the march of technological progress comes with a need to enact privacy protections if we want to avoid living in an "Orwellian world" of constant surveillance. She said, "There are drones flying over the air randomly that are recording everything that's happening on what we consider our private property. That type of technology has to stimulate us to think about what is it that we cherish in privacy and how far we want to protect it and from whom. Because people think that it should be protected just against government intrusion, but I don't like the fact that someone I don't know can pick up, if they're a private citizen, one of these drones and fly it over my property."
Privacy

The Challenges and Threats of Automated Lip Reading 119

Posted by Soulskill
from the surgical-masks-become-high-fashion-in-2018 dept.
An anonymous reader writes: Speech recognition has gotten pretty good over the past several years. it's reliable enough to be ubiquitous in our mobile devices. But now we have an interesting, related dilemma: should we develop algorithms that can lip read? It's a more challenging problem, to be sure. Sounds can be translated directly into words, but deriving meaning out of the movement of a person's face is much more complex. "During speech, the mouth forms between 10 and 14 different shapes, known as visemes. By contrast, speech contains around 50 individual sounds known as phonemes. So a single viseme can represent several different phonemes. And therein lies the problem. A sequence of visemes cannot usually be associated with a unique word or sequence of words. Instead, a sequence of visemes can have several different solutions." Beyond the computational aspect, we also need to decide, as a society, if this is a technology that should exist. The privacy implications extend beyond that of simple voice recognition.
Crime

Turning the Tables On "Phone Tech Support" Scammers 208

Posted by timothy
from the mouthwatering-shadenfreude dept.
mask.of.sanity writes A security pro has released a Metasploit module that can take over computers running the Ammyy Admin remote control software popular among "Hi this is Microsoft, there's a problem with your computer" tech support scammers. The hack detailed in Matthew Weeks' technical post works from the end-user, meaning victims can send scammers the hijacking exploit when they request access to their machines. Victims should provide scammers with their external IP addresses rather than their Ammyy identity numbers as the exploit was not yet built to run over the Ammyy cloud, according to the exploit readme. This is much more efficient than just playing along but "accidentally" being unable to follow their instructions.
United States

U.S. Threatened Massive Fine To Force Yahoo To Release Data 223

Posted by timothy
from the your-government-at-work dept.
Advocatus Diaboli writes The U.S. government threatened to fine Yahoo $250,000 a day in 2008 if it failed to comply with a broad demand to hand over user data that the company believed was unconstitutional, according to court documents unsealed Thursday that illuminate how federal officials forced American tech companies to participate in the NSA's controversial PRISM program. The documents, roughly 1,500 pages worth, outline a secret and ultimately unsuccessful legal battle by Yahoo to resist the government's demands. The company's loss required Yahoo to become one of the first to begin providing information to PRISM, a program that gave the National Security Agency extensive access to records of online communications by users of Yahoo and other U.S.-based technology firms.
Iphone

Mining iPhones and iCloud For Data With Forensic Tools 85

Posted by Soulskill
from the security-through-panic-and-news-articles dept.
SternisheFan points out an article that walks us through the process of using forensic tools to grab data from iPhones and iCloud using forensic tools thought to have been employed in the recent celebrity photo leak. There are a number of ways to break into these devices and services depending on what kind of weakness an attacker has found. For example, if the attacked has possession of a target's iPhone, a simple command-line toolkit from Elcomsoft uses a jailbreak to bypass the iPhone's security. A different tool can extract iCloud data with access to a computer that has a local backup of a phone's data, or access to a computer that simply has stored credentials.

The discusses also details a method for spoofing device identification to convince iCloud to restore data to a device mimicking the target's phone. The author concludes, "Apple could go a long way toward protecting customer privacy just by adding a second credential to encrypt stored iCloud data. An encryption password could be used to decrypt the backup when downloaded to iTunes or to the device, or it could be used to decrypt the data as it is read by iCloud to stream down to the device."
Twitter

Laid Off From Job, Man Builds Tweeting Toilet 114

Posted by samzenpus
from the because-I-can dept.
dcblogs writes With parts from an electric motor, a few household items, an open-source hardware board running Linux, and some coding, Thomas Ruecker, built a connected toilet that Tweets with each flush. The first reaction to the Twitter feed at @iotoilets may be a chuckle. But the idea behind this and what it illustrates is serious. It tracks water usage, offers a warning about the future of privacy in the Internet of Things, and may say something about the modern job hunt. Ruecker built his device on a recent long weekend after he was laid off as an open source evangelist at a technology firm undergoing "rightsizing," as he put it.
Microsoft

Microsoft Agrees To Contempt Order So It Can Appeal Email Privacy Case 122

Posted by Soulskill
from the fighting-the-privacy-fight dept.
An anonymous reader writes: Microsoft made news some weeks ago for refusing to hand over customer emails stored on its Dublin, Ireland servers to the U.S. government. The district judge presiding over the case agreed with the government and ordered Microsoft to comply with its demands. On Monday, Microsoft struck a deal with the U.S. government in which the company would be held on contempt charges but would not be penalized for it until after the outcome of an appeal. The district judge endorsed the agreement (PDF) on Thursday.
Networking

Device Boots Drones, Google Glass Off Wi-Fi 184

Posted by Soulskill
from the they-don't-want-your-kind-around-here dept.
An anonymous reader writes: Amid the backlash against spy-eye drones as well as wearable cameras like Google Glass, one company is building a device to fight back. The Cyborg Unplug actively scans for drones or Google Glass on a local wireless network and blocks their traffic. They're billing it as an "anti-surveillance system" and marketing it toward businesses, restaurants, and schools. They take pains to note that it's not a jammer, instead sending copies of a de-authentication packet usually sent by a router when it disconnects a device. The device can, however, force devices to disconnect from any network, which they warn may be illegal in some places.
Bitcoin

Paypal Jumps Into Bitcoin With Both Feet 132

Posted by timothy
from the in-for-penny dept.
retroworks (652802) writes The BBC, the Wall Street Journal, Bloomberg, Forbes and several other business sites are buzzing with Paypal's incorporation of Bitcoin transactions. According to Wired, Paypal will be "the best thing ever to happen to Bitcoin." Paypal-owned Braintree not only brings 150 million active users in close contact with Bitcoin, it signals "mainstreaming" similar to cell phone app banking, perceived as experimental just a few years ago.
The Internet

BBC: ISPs Should Assume VPN Users Are Pirates 362

Posted by Soulskill
from the arrr-me-hearties dept.
An anonymous reader sends this news from TorrentFreak: After cutting its teeth as a domestic broadcaster, the BBC is spreading its products all around the globe. Shows like Top Gear have done extremely well overseas and the trend of exploiting other shows in multiple territories is set to continue. As a result, the BBC is now getting involved in the copyright debates of other countries, notably Australia, where it operates four subscription channels. Following submissions from Hollywood interests and local ISPs, BBC Worldwide has now presented its own to the Federal Government. Its text shows that the corporation wants new anti-piracy measures to go further than ever before.

The BBC begins by indicating a preference for a co-operative scheme, one in which content owners and ISPs share responsibility to "reduce and eliminate" online copyright infringement. ... "Since the evolution of peer-to-peer software protocols to incorporate decentralized architectures, which has allowed users to download content from numerous host computers, the detection and prosecution of copyright violations has become a complex task. This situation is further amplified by the adoption of virtual private networks (VPNs) and proxy servers by some users, allowing them to circumvent geo-blocking technologies and further evade detection," the BBC explains.
Crime

Private Police Intelligence Network Shares Data and Targets Cash 142

Posted by samzenpus
from the mine-now-I-take-it dept.
Advocatus Diaboli writes Operating in collaboration with the U.S. Drug Enforcement Administration, Immigration and Customs Enforcement and other federal entities, Black Asphalt members exchanged tens of thousands of reports about American motorists, many of whom had not been charged with any crimes, according to a company official and hundreds of internal documents obtained by The Post. For years, it received no oversight by government, even though its reports contained law enforcement sensitive information about traffic stops and seizures, along with hunches and personal data about drivers, including Social Security numbers and identifying tattoos. Black Asphalt also has served as a social hub for a new brand of highway interdictors, a group that one Desert Snow official has called 'a brotherhood.' Among other things, the site hosts an annual competition to honor police who seize the most contraband and cash on the highways. As part of the contest, Desert Snow encouraged state and local patrol officers to post seizure data along with photos of themselves with stacks of currency and drugs. Some of the photos appear in a rousing hard-rock video that the Guthrie, Okla.-based Desert Snow uses to promote its training courses.
The Courts

Feds Say NSA "Bogeyman" Did Not Find Silk Road's Servers 142

Posted by samzenpus
from the try-and-try-again dept.
An anonymous reader writes The secret of how the FBI pinpointed the servers allegedly used by the notorious Silk Road black market website has been revealed: repeated login attempts. In a legal rebuttal, the FBI claims that repeatedly attempting to login to the marketplace revealed its host location. From the article: "As they typed 'miscellaneous' strings of characters into the login page's entry fields, Tarbell writes that they noticed an IP address associated with some data returned by the site didn't match any known Tor 'nodes,' the computers that bounce information through Tor's anonymity network to obscure its true source. And when they entered that IP address directly into a browser, the Silk Road's CAPTCHA prompt appeared, the garbled-letter image designed to prevent spam bots from entering the site. 'This indicated that the Subject IP Address was the IP address of the SR Server,' writes Tarbell in his letter, 'and that it was "leaking" from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.'"
Privacy

Responding to Celeb Photo Leaks, Reddit Scotches "Fappening" Subreddit 307

Posted by timothy
from the whew-that's-a-relief-said-all-the-celebrities dept.
4chan might have introduced a DMCA policy, but Reddit goes farther: VentureBeat reports that the online community known as The Fappening has been dissolved by Reddit, in response to its use in posting and sharing many of the photos leaked from dozens of celebrities. This isn’t the first time Reddit has decided to take action to ban certain questionable communities from its site, as its previously killed other subreddits like Creepshots for similar invasions of privacy as well as banned well-known power users shown to enable such actions. ... Reddit system admin Jason Harvey (aka “alienth”) attempted to cool some of the fuss by starting that discussion about why the company decided to ban the subreddit. Most of it boils down to Reddit waiting too long to speak up about it before making the decision to ban, while assuming its users would mostly understand why it took place. ... “If Reddit is truly to be a platform that’s open in any way, it needs transparency when (heavy handed) actions such as these are taken,” said Reddit user SaidTheCanadian in response to Harvey, while also suggesting the company create a “public log” of sorts showing all banning actions as well as explanations for each instance of a banned community. “I don’t want to be part of a community where community voices are silenced without meaningful notice or explanation. (No one really does like that secret police feeling.)”
GNU is Not Unix

Stallman Does Slides -- and Brevity -- For TEDx 326

Posted by timothy
from the time-and-place-restrictions dept.
New submitter ciaran2014 writes Richard Stallman's long-format talks are well-known — there are videos going back to 2001 and transcripts dating back to 1986 — but he recently condensed his free software talk down to 14 minutes and set it to hand-drawn slides for TEDxGeneva (video link). He introduces with the four freedoms, as always, and then moves on to spyware, surveillance, non-free drivers, free software in schools, non-free javascript, Service as a Software Substitute and how free software is today necessary for a strong democracy. As usual, the talk is suitable for non-technical audiences.

Disclaimer: "These opinions are my own, though for a small fee they be yours too." -- Dave Haynie

Working...